Re: Cisco 2960 Switch Configuration Questions

danmartinnorhrop · ‎07-27-2015

Hello,

I am working on setting up a relatively small but somewhat complex network using a 2960S-48 port switch connected to a 2921 ISR router then connected to an ASA. All data traffic will be routed through a VPN back to the main office and VOIP will be routed to a cloud provider.

1. As of now for end users I am hoping to connect the switch ports directly to the VOIP phones and then piggy back from the phones to user workstations to save on switch ports. I am aware I will have to VLAN the VOIP phones separately from the workstations. Just to be clear does anyone see any issue with what I am trying to do and maybe someone could provide me documentation that could help me do this?

2. Within the office there will also be a separate lab environment with many more workstations but no phones. Would it be possible and wise to have this area have its own separate network and maybe connect it from the 3rd internal router to a couple unmanaged switches instead of using the 2960 to save on the physical ports but keep in mind it also must be routed back through the VPN? Currently I only have the 2960S-48 port switch along with a couple 16 port unmanaged switches to work with. In this case I understand I cannot using VLAN tagging which might not work?

3. My last question is how or what is the best way to route this traffic to where it needs to go. I have received some advice already which includes using sdm to route between VLANS and then don't worry about creating a truck interface to the 2921 router. I also have had advice using standard SVIs. Basically I am hoping someone can elaborate and or provide me feedback because I have no practical experience with VOIP on cisco products.

Thanks for your help,

Joe

Ryan Curry · ‎07-27-2015

Hi Joe, I hope this helps clear up some of your questions:

1) Are you using Cisco phones or some other provider? It's possible that you may need to set the interfaces up as a trunk with the native VLAN being that which you want the PC on. It's a tough call but the provider should have some documentation on how they recommend configuring the switch ports.

2) If it were me, I would configure a separate VLAN for the lab and just have those devices off of access ports on the switch. Since that traffic will come through untagged, there's really no reason to trunk those interfaces. Whatever access VLAN you configure on the ports are what all of those devices will tie back to.

3) Again, if it were me, I would do all the routing on the 2921 and let the 2960 just do the switching. Connect the router and switch via a trunk and configure sub-interfaces on the router for the VLANs (look up router-on-a-stick configuration). This configuration should be easier to implement as you only have to worry about a single layer 3 boundary.

Hope that helps, good luck!

Aijaz Rehman · ‎05-19-2024

I'll advise you to use 2960 for basic switching that uses trunk ports to transport VLANs. All the routing and VLAN setup should be done at core level, including the voice VLANs, helper addresses, and the option 150. then establish a VTP domain to make the network easy to go. Your VLANs will then be easily accessible; all you have to do is apply the VALNs on the ports.